An audit universe with full coverage
Register every auditable entity in one universe — drawn from the Service Catalog when it's licensed, or kept on a built-in local list when it isn't — so coverage planning starts from the whole picture.
UniSentinel module
Build your audit universe, plan the year on risk, run engagements with workpapers and reviewer sign-off, and issue findings and reports through a real approval chain — with follow-up tracking that sees every agreed action through.
Capabilities
Built for audit teams that must defend every conclusion — from why an entity was audited to who approved the report.
Register every auditable entity in one universe — drawn from the Service Catalog when it's licensed, or kept on a built-in local list when it isn't — so coverage planning starts from the whole picture.
Build the annual audit plan with risk-based prioritization. When Risk Management is licensed, live risk scores flow straight into the plan — so you audit where the exposure actually is.
Every engagement carries its scope, team and schedule, and moves through a defined status workflow — so the whole team knows exactly where fieldwork stands.
Fieldwork documents are stored as workpapers with reviewer sign-off, so every conclusion in the report traces back to reviewed evidence.
Each finding records severity plus criteria, condition, cause and effect — then the recommendation, the management response, and an agreed action with a due date.
Audit reports are issued through the platform approval engine — named approvers or roles, N-of-M rules, a recorded decision chain — with audit status widgets and reports for ongoing visibility.
Standalone by design
License Internal Audits alone and you still run the complete lifecycle, universe to follow-up. Every integration has a built-in local fallback.
Better together
Integrations are first-class, with defined fallbacks when the counterpart isn't licensed — and automatic data promotion when it is.
Draw the audit universe from real services, assets and org units — and when you start local, promotion merges your universe into the catalog.
Annual plans prioritize by live risk scores, and findings can raise new risks straight into the risk register.
Agreed actions from findings become tracked remediation tasks — and follow-up watches them through to completion.
Run fieldwork checklists as structured assessments instead of ad-hoc documents — consistent questions, comparable answers.
Audit findings and compliance gaps meet in the same remediation engine and the same dashboards — one picture of what needs fixing.
Findings feed the executive layer, rolling into the consolidated dashboard and board-ready reporting.
How it works
Build the audit universe and the annual plan — prioritized by live risk scores when Risk Management is licensed, by your own judgment when it isn't.
Open engagements with scope, team and schedule, run fieldwork on structured checklists, and store workpapers with reviewer sign-off.
Record findings with severity, criteria, condition, cause and effect; capture management responses and agreed actions; then issue the report through approvals.
Track every agreed action to its due date, close findings as the work completes, and feed results to executive dashboards.
Completely. The audit universe runs on a built-in local list of auditable entities, planning works without live risk scores, and remediation uses a built-in local checklist. When you license Service Catalog later, a guided promotion merges your local universe into the catalog.
When Risk Management is licensed, the annual plan pulls live risk scores to prioritize which entities get audited. Without it, you still build the same plan over your universe and set priorities yourself.
Severity plus the full criteria, condition, cause and effect model — then the recommendation, the management response, and an agreed action with a due date. Follow-up tracking stays on it until it's closed.
Report issuance is gated through the platform's approval engine: you define who must approve — specific roles or named users, including N-of-M rules — and the decision chain is recorded in the immutable audit trail.
Modules
One living inventory of your services, assets and org structure — with relationship-driven network and data-flow diagrams.
Learn moreA configurable risk register with methodologies, heatmaps, treatment plans and approval-gated risk acceptance.
Learn moreThe execution engine: tasks, activities, kanban and calendar views — where every finding, gap and treatment gets done.
Learn moreA reusable questionnaire and campaign engine for self-assessments, control effectiveness and maturity scoring.
Learn moreRequirement libraries, policies and a common control set — map once, satisfy many frameworks, close the gaps.
Learn moreThe executive layer: strategic objectives, committees, meetings and board-ready reporting across every module.
Learn moreGet started
Book a 30-minute walkthrough. We'll map your program to the modules you need — cloud, on-prem Linux or Windows Server.
Every module works standalone. License only what you need — grow when you're ready.